Microsoft Purview Engineer

Our client, a major entertainment/media firm located in NYC (Midtown), is looking to hire a Microsoft Purview Engineer. This is a 1 year contract to hire position. The expectation for this role will be hybrid consisting of 4 days onsite at either my Clients Bethpage Long Island, Midtown Manhattan, Santa Monica California or Houston Texas office. The Purview Engineer is a key role within Enterprise Systems team, responsible for designing, implementing, and managing data classification and data loss prevention solutions using Microsoft Purview. This role requires a strong understanding of data governance, compliance, and security operations, with a focus on protecting sensitive information and ensuring regulatory compliance.

JOB RESPONSIBILITIES

• Implement and manage Microsoft Purview for enterprise-wide data classification and governance.
• Define and enforce data labeling and classification policies to secure sensitive information.
• Establish policy naming standards, versioning, and documentation for repeatability and audit readiness
• Create and configure trainable classifiers to identify sensitive data and ensure accurate classification.
• Set up alert triggers for policy violations and unauthorized access.
• Develop systems to prioritize alerts by severity for rapid response.
• Create and manage DLP policies to prevent unauthorized data access and sharing.
• Monitor and respond to DLP incidents, investigate breaches, and implement corrective actions.
• Optimize DLP solutions for performance and effectiveness.
• Develop and maintain security policies aligned with SOC2, ISO 27001, GDPR, HIPAA, and NIST.
• Prepare reports on DLP effectiveness and compliance for management and auditors.
• Conduct training sessions and awareness programs on data protection policies.
• Maintain expert awareness of new DLP capabilities and known issues; pilot relevant features and recommend adoption paths.
• Collaborate with IT, business, and security teams to ensure comprehensive data protection
• Produce runbooks, MOPs, FAQ/help pages, documentation

QUALIFICATIONS

• Minimum 5 years of experience in Microsoft 365 security/compliance, with a focus on data classification, labeling and DLP.
• Implementing Exact Data Matching (including hashing/uploading pipelines)
• Comfortable with Activity Explorer, Content Explorer, policy tips, incident reports, and alert routing; strong false-positive reduction discipline (proximity, exclusions, instance counts, confidence).
• Hands-on experience with Microsoft Purview, Proofpoint, and Varonis.
• Strong understanding of compliance frameworks: SOC2, ISO 27001, GDPR, HIPAA, NIST.
• Experience in creating, deploying, and managing security policies and procedures.
• Excellent communication and documentation skills.
• Bonus: Experience with Exchange Online MRM (retention tags/policies) and Microsoft Purview eDiscovery (Standard/Premium) or a strong willingness to learn.
• Preferred certifications: Microsoft Certified: Security, Compliance, and Identity Fundamentals (SC- 900), Microsoft Certified: Information Security Administrator Associate (SC-400), CISM, ISO 27001 Lead Auditor, CEH.